class SessionsController < ApplicationController

  def create

    user = User.find_by(email:params[:session][:email].downcase)

    if user && user.authenticate(params[:session][:password])
      sign_in user
      redirect_back_or user
    else
      flash[:error] = 'Invalid email/password combination'
      render 'new'
    end
  end

  def new
  end

  def destroy
      sign_out
      redirect_to signin_path
  end

  private

    def render_new
      render 'new'
    end
end
